/**
 * Populate the form fields from the overriding request.
 *
 * The parent loader runs first; afterwards every non-empty request field is
 * copied onto the matching property and the birth date parts are combined into
 * a timestamp. Values are copied as received: nothing is validated here, so
 * callers must validate username, e-mail, token and return target before use.
 */
function load() {
    parent::load();
    $req = $this->mOverrideRequest;

    $username = $req->getText('username', '');
    if ($username != '') {
        $this->mUsername = $username;
    }

    // The single password field also fills the "retype" slot.
    $password = $req->getText('password', '');
    if ($password != '') {
        $this->mPassword = $password;
        $this->mRetype = $password;
    }

    $email = $req->getText('email', '');
    if ($email != '') {
        $this->mEmail = $email;
    }

    $birthYear = $req->getVal('birthyear', '');
    if ($birthYear != '') {
        $this->wpBirthYear = $birthYear;
    }

    $birthMonth = $req->getVal('birthmonth', '');
    if ($birthMonth != '') {
        $this->wpBirthMonth = $birthMonth;
    }

    $birthDay = $req->getVal('birthday', '');
    if ($birthDay != '') {
        $this->wpBirthDay = $birthDay;
    }

    $signupToken = $req->getVal('signupToken', '');
    if ($signupToken != '') {
        $this->mToken = $signupToken;
    }

    $returnTo = $req->getVal('returnto', '');
    if ($returnTo != '') {
        $this->mReturnTo = $returnTo;
    }

    // strtotime() yields false when the combined parts are not a parseable date.
    $birthDate = implode('-', array($this->wpBirthYear, $this->wpBirthMonth, $this->wpBirthDay));
    $this->wpUserBirthDay = strtotime($birthDate);
}
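/**
 * Handle a submission of the Latch one-time-password (OTP) form.
 *
 * A matching OTP restores the user name into the session and redirects to the
 * current URL without its query string. A non-matching OTP increments the
 * stored attempt counter; once the counter has reached 2 the user is logged out
 * and the login form is rendered again.
 *
 * @param int|string $user_id   ID used to look up the stored OTP and attempt counter
 * @param string     $user_name Name written back to the session on success
 * @return void
 */
function submit_OTP($user_id, $user_name) {
    global $wgRequest, $wgOut, $wgUser;
    $otp_DB = "";
    $attempts = 0;
    $acc_id = null;

    # Only act when the OTP button was pressed.
    if (!$wgRequest->getCheck('clickBotOTP')) {
        return;
    }

    # CSRF protection: reject the request before any OTP state is read or changed.
    if (!$wgUser->matchEditToken($wgRequest->getVal('token'))) {
        return;
    }

    # presumably fills $acc_id, $otp_DB and $attempts by reference - verify against SpecialLatch
    SpecialLatch::accDB_useraccid($user_id, $user_id, $acc_id, $otp_DB, $attempts);

    # An empty stored OTP must never match: with the previous loose "==" an empty
    # submission equalled an unset OTP, and numeric-looking strings compared by value.
    # hash_equals() compares the exact bytes in constant time.
    $storedOtp = (string) $otp_DB;
    $submittedOtp = (string) $wgRequest->getText('txt_OTP');

    if ($storedOtp !== '' && hash_equals($storedOtp, $submittedOtp)) {
        # Correct OTP: restore the user name in the session and go back to the bare page URL.
        # NOTE(review): the stored OTP is not cleared here; confirm it is invalidated
        # elsewhere so that it is single-use.
        $wgRequest->setSessionData('wsUserName', $user_name);
        $fullURL = $wgRequest->getRequestURL();
        $urlMainPage = explode("?", $fullURL);
        $wgOut->redirect($urlMainPage[0]);
        return;
    }

    if ($attempts < 2) {
        # Wrong OTP with attempts left: record the failure and show the error.
        SpecialLatch::updDB_useraccid($user_id, $acc_id, $otp_DB, $attempts + 1);
        $wgOut->addWikiText(wfMsg('latch-OTP-error'));
        return;
    }

    # Attempt limit reached: end the session and show the login form again.
    $wgUser->logout();
    $wgOut->clearHTML();
    $specialUserlogin = new LoginForm();
    $specialUserlogin->load();
    $error = $specialUserlogin->mAbortLoginErrorMsg ?: 'wrongpassword';
    $specialUserlogin->mainLoginForm($specialUserlogin->msg($error)->text());
}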
/**
 * Render the login form or process a submitted one.
 *
 * Users who are already authenticated are sent to the home page. For guests the
 * POST data is loaded into a LoginForm; when it loads and login() succeeds the
 * user is sent back to the stored return URL, otherwise the form is rendered.
 *
 * @return mixed the redirect response or the rendered view
 */
public function actionLogin() {
    if (\Yii::$app->user->isGuest) {
        $form = new LoginForm();
        $loaded = $form->load(Yii::$app->request->post());

        // login() is only attempted when the form data actually loaded.
        if ($loaded && $form->login()) {
            return $this->goBack();
        }

        return $this->render('login', ['model' => $form]);
    }

    return $this->goHome();
}
/**
 * Run the login widget.
 *
 * When the widget is not visible nothing is produced (null is returned). When
 * visible, POST data is loaded into a LoginForm: a successful login refreshes
 * the current page, anything else renders the widget view.
 *
 * @return mixed|null the refresh response, the rendered view, or null when hidden
 */
public function run() {
    if (!$this->visible) {
        return;
    }

    $form = new LoginForm();
    $posted = \Yii::$app->request->post();

    if ($form->load($posted) && $form->login()) {
        return \Yii::$app->getResponse()->refresh();
    }

    $viewData = ['user' => $form, 'title' => $this->title];
    return $this->render('loginWidget', $viewData);
}
/**
 * Build the Piggyback login form.
 *
 * Sets the form's title object and submit URL, reads the target user name from
 * the request, runs the parent loader and forces the form type to 'login'.
 *
 * NOTE(review): parent::__construct() is not called in this block, so
 * parent::load() runs without the parent constructor having seen $request -
 * confirm that this is intended.
 *
 * @param object $request request object providing getVal()
 */
function __construct(&$request) {
    global $wgUser;

    $piggybackTitle = SpecialPage::getTitleFor('Piggyback');
    $this->titleObj = $piggybackTitle;
    $this->templateData['actionlogin'] = $piggybackTitle->getLocalUrl('action=submitlogin');

    // Name of the account to act as; taken from the request unvalidated at this point.
    $this->mOtherName = $request->getVal('wpOtherName');

    parent::load();
    $this->mType = 'login';

    // Mirror the current user's stored preference so that logging in through this
    // form does not change the "remember password" setting.
    $rememberPreference = $wgUser->getGlobalPreference('rememberpassword');
    $this->mRemember = (bool) $rememberPreference;
}
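/**
 * Render the login form or process a login attempt.
 *
 * Authenticated users are sent to the home page. After a successful login the
 * user is sent to the return URL.
 *
 * @param string|null $return_url Optional post-login destination. Yii binds action
 *     parameters from the query string, so this value is caller-controlled; it is
 *     only honoured when it is a path on this site. Any other value is ignored and
 *     the previously stored return URL (or the default) is used instead.
 * @return mixed the redirect response or the rendered view
 */
public function actionLogin($return_url = null) {
    if (!\Yii::$app->user->isGuest) {
        return $this->goHome();
    }

    $login_form = new LoginForm();
    if ($login_form->load(Yii::$app->request->post()) && $login_form->login()) {
        // Accept only "/path..." - not "//host" or "/\host" (both resolve to another
        // origin in browsers) and no control characters. Without this check the
        // parameter would redirect a freshly authenticated user to any external URL.
        $isLocalPath = is_string($return_url)
            && preg_match('~^/(?![/\\\\])[^\x00-\x1f\x7f]*\z~', $return_url) === 1;
        if ($isLocalPath) {
            Yii::$app->user->setReturnUrl($return_url);
        }
        return $this->goBack();
    }

    return $this->render('login', ['login_form' => $login_form]);
}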
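/**
 * Authenticate a user, then record the login and the role key for the session.
 *
 * Flow: reject unknown or blocked login IDs, verify the credentials through
 * LoginForm::login(), and only after that succeeds store the role key
 * (stu_id / emp_id / admin_user) in the session and save a LoginDetails row.
 *
 * Previously the role key and the LoginDetails row (login_status = 1) were
 * written before the password was checked, so a request carrying only a valid
 * user name left role data in the session and a "successful" audit record.
 *
 * @return mixed the redirect response or the rendered login view
 */
public function actionLogin() {
    if (!\Yii::$app->user->isGuest) {
        return $this->goHome();
    }

    $model = new LoginForm();
    $login = new \app\models\LoginDetails();

    if (!$model->load(Yii::$app->request->post())) {
        return $this->render('login', ['model' => $model]);
    }

    // Only a plain string is a valid login ID; an array value would turn the
    // where() condition into an IN (...) lookup.
    $username = isset($_POST['LoginForm']['username']) ? $_POST['LoginForm']['username'] : null;
    $log = is_string($username)
        ? \app\models\User::find()->where(['user_login_id' => $username, 'is_block' => 0])->one()
        : null;

    if (empty($log)) {
        \Yii::$app->session->setFlash('loginError', '<i class="fa fa-warning"></i><b> Incorrect username or password. !</b>');
        return $this->render('login', ['model' => $model]);
    }

    // Verify the credentials before any session state or audit record is written.
    if (!$model->login()) {
        return $this->render('login', ['model' => $model]);
    }

    $login->login_user_id = $log['user_id'];
    $loginuser = $login->login_user_id;
    $emplogin = EmpMaster::find()->andWhere(['emp_master_user_id' => $loginuser])->one();
    $studlogin = StuMaster::find()->andWhere(['stu_master_user_id' => $loginuser])->one();

    // The former "Blocked/Deactive" branch could never run: it sat in the else of a
    // condition that is always true once neither record was found.
    // NOTE(review): every unblocked account with neither a student nor an employee
    // record is treated as admin_user - confirm that this default is intended.
    if ($studlogin) {
        \Yii::$app->session->set('stu_id', $studlogin->stu_master_id);
    } elseif ($emplogin) {
        \Yii::$app->session->set('emp_id', $emplogin->emp_master_id);
    } else {
        \Yii::$app->session->set('admin_user', $loginuser);
    }

    // Audit record of the successful login; save(false) skips model validation.
    $login->login_status = 1;
    $login->login_at = new \yii\db\Expression('NOW()');
    $login->user_ip_address = $_SERVER['REMOTE_ADDR'];
    $login->save(false);

    return $this->goBack();
}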
/**
 * Validate or process the approval authorisation form.
 *
 * Ajax requests only get the JSON-encoded validation result of the loaded form.
 * Normal requests load the form and, when loginformdinas_dinasved() succeeds,
 * redirect to the approval page with the posted 'kdro' value as 'kd'.
 * In every other case nothing is returned (null).
 *
 * @return mixed|null JSON string, redirect response, or null
 */
public function actionApprovedAuthorizeSave() {
    $form = new LoginForm();
    $request = Yii::$app->request;

    // Ajax load: validation only, no authorisation step.
    if ($request->isAjax) {
        $form->load($request->post());
        return Json::encode(\yii\widgets\ActiveForm::validate($form));
    }

    // Normal load
    if ($form->load($request->post()) && $form->loginformdinas_dinasved()) {
        $posted = \Yii::$app->request->post();
        // 'kdro' is forwarded exactly as posted; the target action must validate it.
        $kdro = $posted['LoginForm']['kdro'];
        return $this->redirect(['/accounting/dinasles-order/approved', 'kd' => $kdro]);
    }

    return null;
}
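/**
 * Ajax login API: performs a login attempt or a password-reminder request.
 *
 * With 'Loginattempt' set, the credentials are passed to LoginForm through a
 * FauxRequest and the authentication result code is mapped to a result array.
 * Otherwise, with 'Mailmypassword' set, a password reminder is mailed for the
 * given name. In both cases the result is added under 'ajaxlogin'. When neither
 * parameter is set nothing happens.
 *
 * On success the session's user id, user name and token are returned to the caller.
 *
 * NOTE(review): the NotExists / WrongPass / closed-account / nosuchuser answers
 * differ from each other, so a caller can tell account states apart - confirm
 * this is acceptable for this endpoint.
 *
 * @return void
 */
public function execute() {
    // Read the six known parameters explicitly instead of extract()-ing the whole
    // parameter array into the local scope, so no request-derived key can ever
    // create or overwrite another local variable.
    $apiParams = $this->extractRequestParams();
    $Name = isset($apiParams['Name']) ? $apiParams['Name'] : null;
    $Password = isset($apiParams['Password']) ? $apiParams['Password'] : null;
    $Remember = isset($apiParams['Remember']) ? $apiParams['Remember'] : null;
    $Loginattempt = isset($apiParams['Loginattempt']) ? $apiParams['Loginattempt'] : null;
    $Mailmypassword = isset($apiParams['Mailmypassword']) ? $apiParams['Mailmypassword'] : null;
    $LoginToken = isset($apiParams['LoginToken']) ? $apiParams['LoginToken'] : null;

    if (!empty($Loginattempt)) {
        // Login attempt
        $params = new FauxRequest(array(
            'wpName' => $Name,
            'wpPassword' => $Password,
            'wpRemember' => $Remember,
            'wpLoginattempt' => $Loginattempt,
            'wpLoginToken' => $LoginToken,
        ));

        // Init session if necessary
        if (session_id() == '') {
            wfSetupSession();
        }

        $result = array();
        $loginForm = new LoginForm($params);
        $caseCode = $loginForm->authenticateUserData();

        switch ($caseCode) {
            case LoginForm::RESET_PASS:
                $result['result'] = 'Reset';
                break;
            case LoginForm::SUCCESS:
                global $wgUser;
                $injected_html = '';
                wfRunHooks('UserLoginComplete', array(&$wgUser, &$injected_html));
                $wgUser->setGlobalPreference('rememberpassword', $Remember ? 1 : 0);
                $wgUser->setCookies();
                $result['result'] = 'Success';
                $result['lguserid'] = $_SESSION['wsUserID'];
                $result['lgusername'] = $_SESSION['wsUserName'];
                $result['lgtoken'] = $_SESSION['wsToken'];
                break;
            case LoginForm::NO_NAME:
                $result['result'] = 'NoName';
                $result['text'] = wfMsg('noname');
                break;
            case LoginForm::ILLEGAL:
                $result['result'] = 'Illegal';
                $result['text'] = wfMsg('noname');
                break;
            case LoginForm::WRONG_PLUGIN_PASS:
                $result['result'] = 'WrongPluginPass';
                $result['text'] = wfMsg('wrongpassword');
                break;
            case LoginForm::NOT_EXISTS:
                $result['result'] = 'NotExists';
                $result['text'] = wfMsg('nosuchuser', htmlspecialchars($Name));
                break;
            case LoginForm::WRONG_PASS:
                $result['result'] = 'WrongPass';
                // Default message; replaced below when the account is disabled or closed.
                $result['text'] = wfMsg('wrongpassword');
                $attemptedUser = User::newFromName($Name);
                if (!is_null($attemptedUser)) {
                    $disOpt = $attemptedUser->getGlobalFlag('disabled');
                    if (!empty($disOpt) || defined('CLOSED_ACCOUNT_FLAG') && $attemptedUser->getRealName() == CLOSED_ACCOUNT_FLAG) {
                        // Disabled flag or closed-account marker present: override the failure message.
                        $result['text'] = wfMsg('edit-account-closed-flag');
                    }
                }
                break;
            case LoginForm::EMPTY_PASS:
                $result['result'] = 'EmptyPass';
                $result['text'] = wfMsg('wrongpasswordempty');
                break;
            case LoginForm::NEED_TOKEN:
            case LoginForm::WRONG_TOKEN:
                $result['result'] = 'NeedToken';
                $result['text'] = wfMsg('sessionfailure');
                break;
            case LoginForm::THROTTLED:
                $result['result'] = 'Throttled';
                $result['text'] = wfMsg('login-throttled');
                break;
            case LoginForm::ABORTED:
                $result['result'] = 'Aborted';
                $result['text'] = wfMsg($loginForm->mAbortLoginErrorMsg);
                break;
            default:
                ApiBase::dieDebug(__METHOD__, "Unhandled case value: \"{$caseCode}\"");
        }

        $dbw = wfGetDB(DB_MASTER);
        $dbw->commit();
        $this->getResult()->addValue(null, 'ajaxlogin', $result);
    } elseif (!empty($Mailmypassword)) {
        // Password reminder attempt
        $params = new FauxRequest(array('wpName' => $Name));
        $result = array();
        $loginForm = new LoginForm($params);
        $loginForm->load();

        global $wgUser, $wgOut, $wgAuth;

        if (!$wgAuth->allowPasswordChange()) {
            $result['result'] = 'resetpass_forbidden';
            $result['text'] = wfMsg('resetpass_forbidden');
        } elseif ($wgUser->isBlocked()) {
            $result['result'] = 'blocked-mailpassword';
            $result['text'] = wfMsg('blocked-mailpassword');
        } elseif ('' == $loginForm->mUsername) {
            $result['result'] = 'noname';
            $result['text'] = wfMsg('noname');
        } else {
            $u = User::newFromName($loginForm->mUsername);
            if (empty($u)) {
                $result['result'] = 'noname';
                $result['text'] = wfMsg('noname');
            } elseif (0 == $u->getID()) {
                $result['result'] = 'nosuchuser';
                $result['text'] = wfMsg('nosuchuser', $u->getName());
            } elseif ($u->isPasswordReminderThrottled()) {
                global $wgPasswordReminderResendTime;
                $result['result'] = 'throttled-mailpassword';
                $result['text'] = wfMsg('throttled-mailpassword', round($wgPasswordReminderResendTime, 3));
            } else {
                $res = $loginForm->mailPasswordInternal($u, true);
                if (!$res->isOK()) {
                    $result['result'] = 'mailerror';
                    $result['text'] = wfMsg('mailerror', $res->getMessage());
                } else {
                    $result['result'] = 'OK';
                    $result['text'] = wfMsg('passwordsent', $u->getName());
                }
            }
        }

        $dbw = wfGetDB(DB_MASTER);
        $dbw->commit();
        $this->getResult()->addValue(null, 'ajaxlogin', $result);
    }
}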
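/**
 * API module entry point: create a new account.
 *
 * Refuses to run without same-origin security, checks the caller's right to
 * create accounts and any account-creation block, then feeds the API parameters
 * to LoginForm through a derivative request and reports the outcome under
 * 'createaccount'. On success the new user's name, id and token are part of the
 * result. A failed token check is answered with a fresh token and 'NeedToken'
 * rather than an error.
 *
 * @return void
 */
public function execute() {
    // If we're in a mode that breaks the same-origin policy, no tokens can
    // be obtained
    if ($this->lacksSameOriginSecurity()) {
        $this->dieUsage('Cannot create account when the same-origin policy is not applied', 'aborted');
    }

    // $loginForm->addNewaccountInternal will throw exceptions
    // if wiki is read only (already handled by api), user is blocked or does not have rights.
    // Use userCan in order to hit GlobalBlock checks (according to Special:userlogin)
    $loginTitle = SpecialPage::getTitleFor('Userlogin');
    if (!$loginTitle->userCan('createaccount', $this->getUser())) {
        $this->dieUsage('You do not have the right to create a new account', 'permdenied-createaccount');
    }
    if ($this->getUser()->isBlockedFromCreateAccount()) {
        $this->dieUsage('You cannot create a new account because you are blocked', 'blocked', 0, array('blockinfo' => ApiQueryUserInfo::getBlockInfo($this->getUser()->getBlock())));
    }

    $params = $this->extractRequestParams();

    // Init session if necessary
    if (session_id() == '') {
        wfSetupSession();
    }

    if ($params['mailpassword'] && !$params['email']) {
        $this->dieUsageMsg('noemail');
    }
    if ($params['language'] && !Language::isSupportedLanguage($params['language'])) {
        $this->dieUsage('Invalid language parameter', 'langinvalid');
    }

    // Present the API parameters to LoginForm under the field names of the signup form.
    $context = new DerivativeContext($this->getContext());
    $context->setRequest(new DerivativeRequest($this->getContext()->getRequest(), array(
        'type' => 'signup',
        'uselang' => $params['language'],
        'wpName' => $params['name'],
        'wpPassword' => $params['password'],
        'wpRetype' => $params['password'],
        'wpDomain' => $params['domain'],
        'wpEmail' => $params['email'],
        'wpRealName' => $params['realname'],
        'wpCreateaccountToken' => $params['token'],
        'wpCreateaccount' => $params['mailpassword'] ? null : '1',
        'wpCreateaccountMail' => $params['mailpassword'] ? '1' : null,
    )));

    $loginForm = new LoginForm();
    $loginForm->setContext($context);
    Hooks::run('AddNewAccountApiForm', array($this, $loginForm));
    $loginForm->load();

    $status = $loginForm->addNewaccountInternal();
    $result = array();
    if ($status->isGood()) {
        // Success!
        $user = $status->getValue();

        if ($params['language']) {
            $user->setOption('language', $params['language']);
        }

        if ($params['mailpassword']) {
            // If mailpassword was set, disable the password and send an email.
            $user->setPassword(null);
            $status->merge($loginForm->mailPasswordInternal($user, false, 'createaccount-title', 'createaccount-text'));
        } elseif ($this->getConfig()->get('EmailAuthentication') && Sanitizer::validateEmail($user->getEmail())) {
            // Send out an email authentication message if needed
            $status->merge($user->sendConfirmationMail());
        }

        // Save settings (including confirmation token)
        $user->saveSettings();
        Hooks::run('AddNewAccount', array($user, $params['mailpassword']));

        if ($params['mailpassword']) {
            $logAction = 'byemail';
        } elseif ($this->getUser()->isLoggedIn()) {
            $logAction = 'create2';
        } else {
            $logAction = 'create';
        }
        $user->addNewUserLogEntry($logAction, (string) $params['reason']);

        // Add username, id, and token to result.
        $result['username'] = $user->getName();
        $result['userid'] = $user->getId();
        $result['token'] = $user->getToken();
    }

    $apiResult = $this->getResult();

    if ($status->hasMessage('sessionfailure') || $status->hasMessage('nocookiesfornew')) {
        // Token was incorrect, so add it to result, but don't throw an exception
        // since not having the correct token is part of the normal
        // flow of events.
        $result['token'] = LoginForm::getCreateaccountToken();
        $result['result'] = 'NeedToken';
    } elseif (!$status->isOK()) {
        // There was an error. Die now.
        $this->dieStatus($status);
    } elseif (!$status->isGood()) {
        // Status is not good, but OK. This means warnings.
        $result['result'] = 'Warning';

        // Add any warnings to the result
        $warnings = $status->getErrorsByType('warning');
        if ($warnings) {
            foreach ($warnings as &$warning) {
                ApiResult::setIndexedTagName($warning['params'], 'param');
            }
            // Break the by-reference binding so the last element of $warnings is
            // no longer aliased when the array is copied into the result.
            unset($warning);
            ApiResult::setIndexedTagName($warnings, 'warning');
            $result['warnings'] = $warnings;
        }
    } else {
        // Everything was fine.
        $result['result'] = 'Success';
    }

    // Give extensions a chance to modify the API result data
    Hooks::run('AddNewAccountApiResult', array($this, $loginForm, &$result));

    $apiResult->addValue(null, 'createaccount', $result);
}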
/**
 * Logs in a user with given login name and password. If keeploggedin, sets a cookie.
 *
 * The request fields are copied onto a LoginForm, LoginForm::authenticateUserData()
 * is called, and its result code is mapped to response values. On a full success
 * the login token is cleared, the password throttle for the user name is cleared
 * and the session ID is regenerated.
 *
 * @requestParam string username
 * @requestParam string password
 * @requestParam string keeploggedin [true/false]
 * @requestParam string loginToken - copied to the form's token field when non-empty
 * @requestParam string returnto - copied to the form's return target when non-empty
 * @responseParam string result [ok/error/unconfirm/resetpass]
 * @responseParam string msg - result message
 * @responseParam string errParam - error param
 * @throws MWException when authenticateUserData() returns a code not handled below
 */
public function login() {
    // Init session if necessary
    if (session_id() == '') {
        wfSetupSession();
    }

    $loginForm = new LoginForm($this->wg->request);
    $loginForm->load();

    // MW1.19 uses different form fields names
    // set variables
    // Each field overrides what load() set only when the request value is non-empty.
    if ($this->wg->request->getText('username', '') != '') {
        $loginForm->mUsername = $this->wg->request->getText('username');
    }
    if ($this->wg->request->getText('password', '') != '') {
        $loginForm->mPassword = $this->wg->request->getText('password');
    }
    if ($this->wg->request->getText('keeploggedin', '') != '') {
        $loginForm->mRemember = $this->wg->request->getCheck('keeploggedin');
    }
    if ($this->wg->request->getVal('loginToken', '') != '') {
        $loginForm->mToken = $this->wg->request->getVal('loginToken');
    }
    if ($this->wg->request->getVal('returnto', '') != '') {
        // Copied as received; not validated in this method.
        $loginForm->mReturnTo = $this->wg->request->getVal('returnto');
    }

    $loginCase = $loginForm->authenticateUserData();
    switch ($loginCase) {
        case LoginForm::SUCCESS:
            // first check if user has confirmed email after sign up
            if ($this->wg->User->getGlobalFlag(self::NOT_CONFIRMED_SIGNUP_OPTION_NAME) && $this->wg->User->getGlobalAttribute(self::NOT_CONFIRMED_LOGIN_OPTION_NAME) !== self::NOT_CONFIRMED_LOGIN_ALLOWED) {
                // User not confirmed on signup
                // Credentials were valid, so the token and throttle are cleared, but
                // the response is 'unconfirm' instead of 'ok'.
                LoginForm::clearLoginToken();
                $this->userLoginHelper->setNotConfirmedUserSession($this->wg->User->getId());
                $this->userLoginHelper->clearPasswordThrottle($loginForm->mUsername);
                // This message is rendered with parse() and carries the user's e-mail
                // address; the error messages below use escaped().
                $this->response->setValues(['result' => 'unconfirm', 'msg' => wfMessage('usersignup-confirmation-email-sent', $this->wg->User->getEmail())->parse()]);
            } else {
                $result = '';
                $resultMsg = '';
                // A hook returning false stops the login here; the hook supplies the
                // result and message that are sent back.
                if (!wfRunHooks('WikiaUserLoginSuccess', array($this->wg->User, &$result, &$resultMsg))) {
                    $this->response->setValues(['result' => $result, 'msg' => $resultMsg]);
                    break;
                }

                // Login successful
                $injected_html = '';
                wfRunHooks('UserLoginComplete', array(&$this->wg->User, &$injected_html));

                // set rememberpassword option
                // Settings are saved only when the preference changes; otherwise only
                // the user cache is invalidated.
                if ((bool) $loginForm->mRemember != (bool) $this->wg->User->getGlobalPreference('rememberpassword')) {
                    $this->wg->User->setGlobalPreference('rememberpassword', $loginForm->mRemember ? 1 : 0);
                    $this->wg->User->saveSettings();
                } else {
                    $this->wg->User->invalidateCache();
                }

                $this->wg->User->setCookies();
                LoginForm::clearLoginToken();
                UserLoginHelper::clearNotConfirmedUserSession();
                $this->userLoginHelper->clearPasswordThrottle($loginForm->mUsername);

                // we're sure at this point we'll need the private field
                // value in the template, so pass it along
                $this->response->setValues(['username' => $loginForm->mUsername, 'result' => 'ok']);

                // regenerate session ID on user login (the approach MW's core SpecialUserLogin uses)
                // to avoid race conditions with long running requests logging the user back in & out
                // @see PLATFORM-1028
                wfResetSessionID();
            }
            break;
        case LoginForm::NEED_TOKEN:
        case LoginForm::WRONG_TOKEN:
            $this->response->setValues(['result' => 'error', 'msg' => wfMessage('userlogin-error-sessionfailure')->escaped()]);
            break;
        case LoginForm::NO_NAME:
            $this->response->setValues(['result' => 'error', 'msg' => wfMessage('userlogin-error-noname')->escaped(), 'errParam' => 'username']);
            break;
        // A non-existent and an illegal name get the same 'nosuchuser' answer, which
        // differs from the wrong-password answer below.
        case LoginForm::NOT_EXISTS:
        case LoginForm::ILLEGAL:
            $this->response->setValues(['result' => 'error', 'msg' => wfMessage('userlogin-error-nosuchuser')->escaped(), 'errParam' => 'username']);
            break;
        case LoginForm::WRONG_PLUGIN_PASS:
            $this->response->setValues(['result' => 'error', 'msg' => wfMessage('userlogin-error-wrongpassword')->escaped(), 'errParam' => 'password']);
            break;
        case LoginForm::WRONG_PASS:
            $this->response->setValues(['result' => 'error', 'msg' => wfMessage('userlogin-error-wrongpassword')->escaped(), 'errParam' => 'password']);
            $attemptedUser = User::newFromName($loginForm->mUsername);
            if (!is_null($attemptedUser)) {
                $disOpt = $attemptedUser->getGlobalFlag('disabled');
                if (!empty($disOpt) || defined('CLOSED_ACCOUNT_FLAG') && $attemptedUser->getRealName() == CLOSED_ACCOUNT_FLAG) {
                    # either closed account flag was present, override fail message
                    $this->response->setValues(['msg' => wfMessage('userlogin-error-edit-account-closed-flag')->escaped(), 'errParam' => '']);
                }
            }
            break;
        case LoginForm::EMPTY_PASS:
            $this->response->setValues(['result' => 'error', 'msg' => wfMessage('userlogin-error-wrongpasswordempty')->escaped(), 'errParam' => 'password']);
            break;
        case LoginForm::RESET_PASS:
            $this->response->setVal('result', 'resetpass');
            break;
        case LoginForm::THROTTLED:
            $this->response->setValues(['result' => 'error', 'msg' => wfMessage('userlogin-error-login-throttled')->escaped()]);
            break;
        case LoginForm::CREATE_BLOCKED:
            $this->response->setValues(['result' => 'error', 'msg' => wfMessage('userlogin-error-cantcreateaccount-text')->escaped()]);
            break;
        case LoginForm::USER_BLOCKED:
            $this->response->setValues(['result' => 'error', 'msg' => wfMessage('userlogin-error-login-userblocked')->escaped()]);
            break;
        case LoginForm::ABORTED:
            // NOTE(review): unlike every other case this assigns $this->result / $this->msg
            // instead of calling $this->response->setValues() - confirm the controller
            // maps these properties onto the response.
            $this->result = 'error';
            $this->msg = wfMessage($loginForm->mAbortLoginErrorMsg)->escaped();
            break;
        default:
            throw new MWException("Unhandled case value");
    }
}
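/**
 * API module entry point: create a new account.
 *
 * Checks the caller's right to create accounts and any account-creation block,
 * feeds the API parameters to LoginForm through a derivative request and reports
 * the outcome under 'createaccount'. On success the new user's name, id and
 * token are part of the result. A failed token check is answered with a fresh
 * token and 'needtoken' rather than an error.
 *
 * @return void
 */
public function execute() {
    // $loginForm->addNewaccountInternal will throw exceptions
    // if wiki is read only (already handled by api), user is blocked or does not have rights.
    // Use userCan in order to hit GlobalBlock checks (according to Special:userlogin)
    $loginTitle = SpecialPage::getTitleFor('Userlogin');
    if (!$loginTitle->userCan('createaccount', $this->getUser())) {
        $this->dieUsage('You do not have the right to create a new account', 'permdenied-createaccount');
    }
    if ($this->getUser()->isBlockedFromCreateAccount()) {
        $this->dieUsage('You cannot create a new account because you are blocked', 'blocked');
    }

    $params = $this->extractRequestParams();

    // Init session if necessary
    if (session_id() == '') {
        wfSetupSession();
    }

    if ($params['mailpassword'] && !$params['email']) {
        $this->dieUsageMsg('noemail');
    }

    // Present the API parameters to LoginForm under the field names of the signup form.
    $context = new DerivativeContext($this->getContext());
    $context->setRequest(new DerivativeRequest($this->getContext()->getRequest(), array(
        'type' => 'signup',
        'uselang' => $params['language'],
        'wpName' => $params['name'],
        'wpPassword' => $params['password'],
        'wpRetype' => $params['password'],
        'wpDomain' => $params['domain'],
        'wpEmail' => $params['email'],
        'wpRealName' => $params['realname'],
        'wpCreateaccountToken' => $params['token'],
        'wpCreateaccount' => $params['mailpassword'] ? null : '1',
        'wpCreateaccountMail' => $params['mailpassword'] ? '1' : null,
    )));

    $loginForm = new LoginForm();
    $loginForm->setContext($context);
    $loginForm->load();

    $status = $loginForm->addNewaccountInternal();
    // (the result array used to be initialised twice; once is enough)
    $result = array();
    if ($status->isGood()) {
        // Success!
        $user = $status->getValue();

        // If we showed up language selection links, and one was in use, be
        // smart (and sensible) and save that language as the user's preference
        global $wgLoginLanguageSelector, $wgEmailAuthentication;
        if ($wgLoginLanguageSelector && $params['language']) {
            $user->setOption('language', $params['language']);
        }

        if ($params['mailpassword']) {
            // If mailpassword was set, disable the password and send an email.
            $user->setPassword(null);
            $status->merge($loginForm->mailPasswordInternal($user, false, 'createaccount-title', 'createaccount-text'));
        } elseif ($wgEmailAuthentication && Sanitizer::validateEmail($user->getEmail())) {
            // Send out an email authentication message if needed
            $status->merge($user->sendConfirmationMail());
        }

        // Save settings (including confirmation token)
        $user->saveSettings();
        wfRunHooks('AddNewAccount', array($user, $params['mailpassword']));

        if ($params['mailpassword']) {
            $logAction = 'byemail';
        } elseif ($this->getUser()->isLoggedIn()) {
            $logAction = 'create2';
        } else {
            $logAction = 'create';
        }
        $user->addNewUserLogEntry($logAction, (string) $params['reason']);

        // Add username, id, and token to result.
        $result['username'] = $user->getName();
        $result['userid'] = $user->getId();
        $result['token'] = $user->getToken();
    }

    $apiResult = $this->getResult();

    if ($status->hasMessage('sessionfailure') || $status->hasMessage('nocookiesfornew')) {
        // Token was incorrect, so add it to result, but don't throw an exception
        // since not having the correct token is part of the normal
        // flow of events.
        $result['token'] = LoginForm::getCreateaccountToken();
        $result['result'] = 'needtoken';
    } elseif (!$status->isOK()) {
        // There was an error. Die now.
        // Cannot use dieUsageMsg() directly because extensions
        // might return custom error messages.
        $errors = $status->getErrorsArray();
        if ($errors[0] instanceof Message) {
            $code = 'aborted';
            $desc = $errors[0];
        } else {
            $code = array_shift($errors[0]);
            $desc = wfMessage($code, $errors[0]);
        }
        $this->dieUsage($desc, $code);
    } elseif (!$status->isGood()) {
        // Status is not good, but OK. This means warnings.
        $result['result'] = 'warning';

        // Add any warnings to the result
        $warnings = $status->getErrorsByType('warning');
        if ($warnings) {
            foreach ($warnings as &$warning) {
                $apiResult->setIndexedTagName($warning['params'], 'param');
            }
            // Break the by-reference binding so the last element of $warnings is
            // no longer aliased when the array is copied into the result.
            unset($warning);
            $apiResult->setIndexedTagName($warnings, 'warning');
            $result['warnings'] = $warnings;
        }
    } else {
        // Everything was fine.
        $result['result'] = 'success';
    }

    $apiResult->addValue(null, 'createaccount', $result);
}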
/**
 * Populate the form from the Ajax login fields of the overriding request.
 *
 * The parent loader runs first. User name, password and the "remember" flag
 * replace the loaded values only when their Ajax field is non-empty; the return
 * target is always taken from 'returnto', as received and without validation.
 */
function load() {
    parent::load();
    $req = $this->mOverrideRequest;

    $ajaxName = $req->getText('wpName2Ajax', '');
    if ($ajaxName != '') {
        $this->mUsername = $ajaxName;
    }

    $ajaxPassword = $req->getText('wpPassword2Ajax', '');
    if ($ajaxPassword != '') {
        $this->mPassword = $ajaxPassword;
    }

    // The flag itself is read with getCheck(); getText() only decides whether to read it.
    $rememberSubmitted = $req->getText('wpRemember2Ajax', '') != '';
    if ($rememberSubmitted) {
        $this->mRemember = $req->getCheck('wpRemember2Ajax');
    }

    $this->mReturnTo = $req->getVal('returnto');
}
/**
 * Scratch action that walks through Yii request, response, session and cookie
 * calls with placeholder values, then runs the usual login flow.
 *
 * The calls before the login flow use placeholder arguments ('', 'url', 'key',
 * 'a.jpg') and have side effects on the response and the session, so their order
 * is kept exactly as written.
 */
public function actionText() {
    // Request handling
    $req = Yii::$app->request; // get the request object
    $data_get = $req->get('id'); // value of the GET parameter "id"
    $date_post = $req->post('id'); // same for POST

    // Response handling
    $res = Yii::$app->response; // get the response object
    // NOTE(review): an empty string is not a valid HTTP status code - placeholder value.
    $res->statusCode = ''; // set the HTTP status code
    $res->headers->add('', ''); // add an HTTP response header
    $res->headers->set('', ''); // set an HTTP response header

    // Redirect
    $res->headers->add('location', 'url'); // redirect through a header, or:
    $this->redirect('url', '状态码');

    // File download
    $res->headers->add('content-disposition', 'attachment;filename=a.jpg'); // file download
    $res->sendFile('a.jpg'); // file download

    // Session
    $session = Yii::$app->session; // get the session object
    $session->isActive; // whether the session is open (the value is discarded here)
    $session->open(); // open the session
    $session->set('key', 'value'); // set a session value
    $session['key'] = 'value'; // set a session value (array syntax)
    $session->remove('key'); // delete a session value
    unset($session['key']); // delete a session value (array syntax)

    // Cookies
    $cookie = YII::$app->response->cookies; // response cookie collection
    $c_data = array('name' => 'key', 'value' => 'value');
    $cookie->add(new Cookie($c_data)); // add a cookie
    $cookie->remove('key'); // remove the cookie named "key"

    // Cookies of the request
    $cookies = Yii::$app->request->cookies; // request cookie collection
    // NOTE(review): this reads from $cookie (the response collection) although the
    // intent stated here is the request collection $cookies, which is otherwise
    // unused. The value is echoed without HTML encoding.
    echo $cookie->getValue('key'); // get the cookie "key" from the request

    // Creating views
    // return $this->renderPartial('index','data array');//
    // return $this->render('index','data array');
    // Data filtering
    // Html::encode();// escape a string for HTML output
    // Views calling each other
    // $this->render(); include the needed view file from inside the view file

    if (!\Yii::$app->user->isGuest) {
        return $this->goHome();
    }
    $model = new LoginForm();
    if ($model->load(Yii::$app->request->post()) && $model->login()) {
        return $this->goBack();
    } else {
        // $this->render
        // NOTE(review): this branch also runs when no form was submitted, so the
        // failure text is passed to the view on the first page load as well; the
        // model itself is not passed to the view.
        return $this->render('login', ['res' => '用户名密码错误']);
    }
}
/**
 * Login hook that gates a completed login on the user's Latch status.
 *
 * The user name is blanked in the session first, so the session stays "frozen"
 * until one of the branches below restores it through
 * SpecialLatch::putUserInSession() or the OTP page.
 *
 * Outcomes:
 *  - user has no Latch pairing (no user id or account id stored): session restored;
 *  - Latch returns neither data nor an error: hook returns false;
 *  - status "on" without a two_factor entry: session restored;
 *  - status "on" with a two_factor token: token stored, redirect to Special:LatchOTP;
 *  - status "off": user logged out and the login form shown with an error;
 *  - any other answer (including an error-only response): session restored.
 *
 * NOTE(review): the last case lets the login proceed when Latch answers with an
 * error or an unexpected status - confirm that failing open is intended.
 *
 * @param mixed  $returnTo      not used in this block
 * @param mixed  $returnToQuery not used in this block
 * @param string $type          set to 'error' by this hook
 * @return bool false when the Latch response is empty, true otherwise
 */
public static function wfLoginHook(&$returnTo, &$returnToQuery, &$type) {
    global $wgUser, $wgOut, $wgRequest, $wgTitle;

    $acc_id = "";
    $msg = "";
    $app_id = "";
    $secret = "";
    $type = 'error';
    $two_factor_token = "";
    $user_id = "";

    # Remove the user's name to "freeze" the session
    $wgRequest->setSessionData('wsUserName', "");

    # Load the application id/secret and the user's pairing from the DB
    # (the SpecialLatch helpers presumably fill these variables by reference - verify)
    SpecialLatch::accDB_appsecret($app_id, $secret);
    SpecialLatch::accDB_useraccid($wgUser->getId(), $user_id, $acc_id);

    # Without a Latch pairing there is nothing to check
    if (empty($user_id) || empty($acc_id)) {
        SpecialLatch::putUserInSession();
        return true;
    }

    # Ask the Latch SDK for the account status
    $latch = new Latch($app_id, $secret);
    $statusResponse = $latch->status($acc_id);
    $responseData = $statusResponse->getData();
    $responseError = $statusResponse->getError();

    if (empty($statusResponse) || empty($responseData) && empty($responseError)) {
        return false;
    }

    $hasData = !empty($responseData);

    if ($hasData && $responseData->{"operations"}->{$app_id}->{"status"} === "on") {
        $operation = $responseData->{"operations"}->{$app_id};
        if (empty($operation->{"two_factor"})) {
            SpecialLatch::putUserInSession();
        } else {
            # The OTP check lives on its own special page: store the token, then redirect there
            $two_factor_token = $operation->{"two_factor"}->{"token"};
            if (!empty($two_factor_token)) {
                SpecialLatch::updDB_useraccid($user_id, $acc_id, $two_factor_token);
                $wgOut->redirect(SpecialPage::getTitleFor('LatchOTP')->getFullURL('', false, PROTO_CURRENT));
            }
        }
    } elseif ($hasData && $responseData->{"operations"}->{$app_id}->{"status"} === "off") {
        # Latch is locked: end the session and show the login form with an error
        $wgUser->logout();
        $specialUserlogin = new LoginForm();
        $specialUserlogin->load();
        $error = $specialUserlogin->mAbortLoginErrorMsg ?: 'wrongpassword';
        $specialUserlogin->mainLoginForm($specialUserlogin->msg($error)->text());
    } else {
        SpecialLatch::putUserInSession();
    }

    return true;
}